by kyessenov 3311 days ago
We have been looking into a per-node deployment model from the beginning, which is what daemonset is doing. Things get more complicated across the board with the transparent traffic capture at the node network namespace level, invasive installation requiring tight integration with k8s and reconciling iptables rules, and a more complicated workload identity story. We have started with the sidecar model, but are certainly interested in more deployment options.